The present embodiments relate to the decryption of data using a cryptographically and/or physically secure apparatus.
In theoretical cryptography, the security of a cryptographic method is conventionally assessed on the basis of its input and output behavior. In this model, an attacker sees only the input and/or the output of the cryptographically processed data and, with full knowledge of the method used but not of the key, attempts to draw conclusions about the cryptographic key.
The computational steps of the cryptographic method are accordingly assumed to be executed in a protected environment to which the attacker has no access. In practice, such a secure computational environment may be approximated using a security token (e.g., a chip card or a dongle). The security token has various hardware and software protective measures that allow it to be used both as a confidential and tamper-proof memory for secret data (e.g., key material) and to execute parts of the application to be protected directly within the protected environment of the token. However, a security token may be greatly restricted with respect to the size of its data and program memories and the power and performance of the available computational capacity. Therefore, often only the core cryptographic functions are implemented in the security token, and the largest part of the application or program then runs on a computer system with no protection or a considerably lower level of protection.
There are also approaches that make it possible to physically protect more powerful computer systems. However, the outlay for these measures and the additional costs of technical implementation are so high in relation to the achievable levels of protection and the intended applications that such methods are used only for applications with military security requirements.
If a cryptographic algorithm that requires an item of secret information is to be executed on a system that allows the attacker to follow the progress of the algorithm, further protective mechanisms are needed in order to resist particular classes of attacks. If, for example, the attacker is able to measure physical properties of the computational environment during the computation (e.g., execution time, dynamic current consumption or electromagnetic emanation), countermeasures against side-channel attacks become important.
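The execution-time side channel named above is the simplest to illustrate. The following is an added example, not code from the original text: it contrasts an early-exit comparison of an authentication tag with a comparison whose amount of work is independent of where the inputs differ. Instead of measuring noisy timings, each function also returns the number of bytes it examined, so the leak is visible directly. The tag value is constructed for the example. Note that Python itself gives no constant-time guarantee at the interpreter level; the point shown is the structure of the loop, and production code should use the standard library's hmac.compare_digest (or the equivalent primitive in a compiled language) rather than a hand-rolled loop.

```python
import hmac

# Constructed sample input: a fixed 32-byte MAC tag (not a real secret).
EXPECTED_TAG = bytes.fromhex("5a" * 32)


def leaky_compare(expected: bytes, candidate: bytes):
    """Early-exit comparison, the typical leaky implementation.

    Returns (equal, bytes_examined).  The number of bytes examined, and
    therefore the running time, reveals the position of the first mismatch,
    which lets an attacker recover the tag one byte at a time.
    """
    if len(expected) != len(candidate):
        return False, 0
    for i, (x, y) in enumerate(zip(expected, candidate)):
        if x != y:
            return False, i + 1
    return True, len(expected)


def constant_time_compare(expected: bytes, candidate: bytes):
    """Comparison whose work does not depend on where the inputs differ.

    Every byte pair is XORed and OR-accumulated; the loop always runs to the
    end.  The length check still leaks the length, which is acceptable when
    the tag length is fixed and public, as it is for a MAC.
    """
    if len(expected) != len(candidate):
        return False, 0
    acc = 0
    for x, y in zip(expected, candidate):
        acc |= x ^ y
    return acc == 0, len(expected)


def corrupt(tag: bytes, position: int) -> bytes:
    """Return a copy of the tag with one byte flipped (constructed test input)."""
    out = bytearray(tag)
    out[position] ^= 0xFF
    return bytes(out)


def work_profile(compare, tag: bytes):
    """Bytes examined for a mismatch at each possible position.

    A rising profile means the comparison leaks the mismatch position through
    its running time; a flat profile means it does not.
    """
    return [compare(tag, corrupt(tag, pos))[1] for pos in range(len(tag))]


if __name__ == "__main__":
    print("early-exit   :", work_profile(leaky_compare, EXPECTED_TAG))
    print("constant-time:", work_profile(constant_time_compare, EXPECTED_TAG))
    # Preferred in practice: the standard library primitive.
    print("hmac.compare_digest:", hmac.compare_digest(EXPECTED_TAG, EXPECTED_TAG))
```

Running the block prints a profile of 1, 2, ..., 32 examined bytes for the early-exit version and a flat 32 for the constant-time version; the first profile is exactly the signal a remote timing attack exploits.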
If the computational environment for the cryptographic method is a computer system that provides no physical protection, the attacker has complete control over the computational steps carried out and over the processed data. In this case, the algorithm is to be implemented such that the attacker, even though the attacker may follow the execution of the algorithm down to the last detail, is unable to extract the processed secret. Such an implementation of an algorithm is referred to as obfuscated.
Methods for providing a secure calculation environment range from pure software solutions to specially produced hardware and to combinations of software and hardware. In the latter cases, at least one security device that provides physical and/or cryptographic protection is used to implement the secure calculation environment. Pure software solutions are used if no further protective functions are available through the hardware of the computer system, or if providing them is not desirable for reasons of cost. The program intended to be executed on the computer system may be changed by suitable code transformations (e.g., code obfuscation) such that reverse engineering by an attacker is made more difficult or, ideally, prevented. Special techniques (e.g., white-box cryptography) may be used in the software to protect secret key material. The level of security that may be achieved in this way is low in comparison with techniques using hardware protective measures, and the transformation of the code may be associated with considerable performance losses and a considerably greater need for program and data memory.
In the hardware-supported approaches, a security token is used in most applications to provide a secure computer system. Such a security token includes special hardware protective mechanisms (e.g., sensors for temperature, operating voltage and laser-flash fault injection, encrypted buses and memories, noise generators, random wait-state generators, shields for protecting against probing with needles, special chip design styles, etc.). Security tokens are simple computer systems including RAM, a non-volatile memory (e.g., flash or EEPROM), a CPU and I/O interfaces (e.g., UART, SPI, USB, etc.), and provide a comparatively high level of security against attacks. Security tokens may include additional hardware for efficiently calculating cryptographic methods (e.g., DES accelerators, AES accelerators, arbitrary-precision arithmetic units). However, their performance may be very restricted with respect to memory size, CPU speed and data throughput of the interfaces, with the result that only small, security-relevant parts of an application may be executed inside the token.
Alternatively, single-chip controllers specifically produced for security applications are also available on the market and may be used, for example, in embedded applications.
These controllers may be somewhat more powerful than security tokens but make the design of a product considerably more expensive.
The entire device may be protected by special measures in the design of its housing. Such measures range from simple switches for detecting the opening of the housing, special housings, drill-protection films and special printed circuit boards to production techniques such as potting or sealing. The devices may have an active sensor system in order to detect and respond to tampering attempts, and use an uninterruptible power supply with a battery for this purpose. A powerful computer system built from standard components may be used inside such a device. However, the development and production outlay for such systems is high, with the result that such protective measures are generally found only in military applications. Organizational measures for regularly replacing the battery are additionally needed in order to maintain the availability of the devices.
Until a few years ago, a homomorphic encryption function was a concept discussed only in theoretical cryptography, intended to make it possible to implement a secure calculation environment for programs on unprotected computer systems solely by means of computational operations on encrypted data.
A method for implementing homomorphic encryption functions with all the properties needed to carry out arbitrary calculations, under particular cryptographic complexity assumptions, has been described (see Craig Gentry, A Fully Homomorphic Encryption Scheme, Dissertation, Stanford University, September 2009). The techniques described there have been developed further and their performance has been improved (see Nigel P. Smart, Frederik Vercauteren, Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes, Public Key Cryptography 2010, Lecture Notes in Computer Science 6056, pp. 420-443; Marten van Dijk, Craig Gentry, Shai Halevi, Vinod Vaikuntanathan, Fully Homomorphic Encryption over the Integers, Advances in Cryptology, EUROCRYPT 2010, Lecture Notes in Computer Science 6110, pp. 24-43; and Craig Gentry, Shai Halevi, Fully Homomorphic Encryption without Squashing Using Depth-3 Arithmetic Circuits, FOCS 2011).
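The principle behind the secure calculation environment of the two preceding paragraphs, computing on data that remains encrypted throughout, can be shown with a much simpler scheme than the fully homomorphic constructions cited above. The following is an added example, not code from the original text or from any of the cited works: a minimal implementation of the Paillier cryptosystem, which is only additively homomorphic (sums of ciphertexts and multiplication by known constants, not arbitrary circuits as in Gentry's scheme). An untrusted host, modelled by untrusted_host_sum, computes a weighted sum over ciphertexts without ever seeing a plaintext or the private key. The primes, readings and weights are constructed for the example and are far too small for any real security.

```python
import math
import secrets

# Constructed toy parameters: two fixed primes, small enough to read and large
# enough for the arithmetic to be non-trivial.  Real deployments use primes of
# at least 1024 bits each; these values give no security whatsoever.
P = 1_000_000_007
Q = 998_244_353


def keygen(p: int = P, q: int = Q):
    """Paillier key generation with the common choice g = n + 1.

    Returns ((n, n^2), (lambda, mu)).  lambda = lcm(p-1, q-1); with g = n+1
    the value L(g^lambda mod n^2) equals lambda mod n, so mu = lambda^-1 mod n.
    """
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    mu = pow(lam, -1, n)
    return (n, n * n), (lam, mu)


def encrypt(pub, m: int, r=None) -> int:
    """c = (n+1)^m * r^n mod n^2 = (1 + m*n) * r^n mod n^2.

    r is a fresh random blinding factor in [1, n); passing r explicitly is
    only for reproducible tests, never for real use.
    """
    n, n2 = pub
    if not 0 <= m < n:
        raise ValueError("plaintext must lie in [0, n)")
    if r is None:
        r = secrets.randbelow(n - 1) + 1
    return (1 + m * n) % n2 * pow(r, n, n2) % n2


def decrypt(pub, priv, c: int) -> int:
    """m = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, n2 = pub
    lam, mu = priv
    u = pow(c, lam, n2)
    return ((u - 1) // n) * mu % n


def add_encrypted(pub, c1: int, c2: int) -> int:
    """Homomorphic addition: the product of ciphertexts decrypts to the sum."""
    return c1 * c2 % pub[1]


def scale_encrypted(pub, c: int, k: int) -> int:
    """Homomorphic multiplication by a known (unencrypted) constant k."""
    return pow(c, k, pub[1])


def untrusted_host_sum(pub, ciphertexts, weights):
    """Work done on the unprotected machine: a weighted sum over ciphertexts.

    Only the public key and ciphertexts are available here; the plaintexts
    and the private key never leave the protected party.
    """
    acc = encrypt(pub, 0)
    for c, w in zip(ciphertexts, weights):
        acc = add_encrypted(pub, acc, scale_encrypted(pub, c, w))
    return acc


def demo() -> int:
    """Protected party encrypts, untrusted host computes, protected party decrypts."""
    pub, priv = keygen()
    readings = [42, 1000, 7]      # constructed plaintext inputs
    weights = [3, 1, 10]          # public weights known to the host
    cts = [encrypt(pub, x) for x in readings]
    c_sum = untrusted_host_sum(pub, cts, weights)
    return decrypt(pub, priv, c_sum)


if __name__ == "__main__":
    print(demo())   # 42*3 + 1000*1 + 7*10 = 1196
```

Two caveats a practitioner should keep in mind: the plaintext space is the integers modulo n, so sums that exceed n wrap around silently, and the scheme offers no integrity protection, so a malicious host can substitute or re-weight ciphertexts undetected; both are reasons the cited fully homomorphic work is only one component of a secure calculation environment.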